[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: stoping net scans



Hello,

On Sat, Apr 12, 2003 at 11:50:10AM -0500, Jos? A. Guzm?n wrote:
>  Is there a tool (log monitoring or otherwise) that effectively blocks incoming
> port scans (maybe interacting with iptables)?.

  A properly configured firewall.
 
>  What are you guys using to block incoming port scans?

  See above.  

  The best thing to do is to set up a "statefull" firewall,
  meaning, any outgoing packet originating from you will be
  allowed back in (ie also known as "reflexive" rules).

  I regret that I don't have any examples on hand, good luck ;)
 
-- 
+--------------------------------------------------------------+
| Welat xwe ava nake, dest bidin hevdu, pist nedin tu dijmin  |
|   Riya azadiy ne hsan e, hviya xwe bernedin, dema me      |
|     nzk e.                                                 |
|                                                              |
| Hevalt bi kesn du r nekin, hevalt bi hevdu ra bikin      |
|   Ne ji hevaltiya wan kesn pxwas  r dirj, ne bi wan     |
|     kesn xwnperest, ne j ji yn din.                      |
|                                                              |
|                                   -Srciya Kurdistan       |
+--------------------------------------------------------------+
  translation provided on request: sereciya@kurdistan.ath.cx



Reply to: